The list of MOVEit victims has kept on growing, and can now have healthcare provider Welltok added to it.
TechCrunch found the company has begun sending out breach notifications to affected customers after filing a breach notification with the Maine Attorney General, outlining how, despite an initial investigation showing no evidence of compromise, a second analysis determined unauthorized access enabled via the MOVEit vulnerability.
Welltok also published an announcement on its website, in which it claimed hackers stole Social Security Numbers (SSN), Medicare and Medicaid ID numbers and, for some patients, health insurance data, along with names, birth dates, postal addresses, and healthcare information, with around 1.6 million people thought to have been affected overall.
Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.
Preferred partner (What does this mean?)
The incident affected group healthcare plans for Stanford Health Care, Lucile Packard Children’s Hospital Stanford, Stanford Health Care Tri-Valley, Stanford Medicine Partners, and Packard Children’s Health Alliance, the company added.
TechCrunch also believes Welltok may have not listed all of the affected clients. It found Corewell Health, Sutter Health, and St. Bernards, all confirming data breaches recently, and allegedly - all three were using Welltok for patient communication.
The firm, acquired by Virgin Pulse in November 2021, is a patient engagement company that encourages users to engage with their healthcare providers via text, email, social media, and similar.
In late May 2023, cybersecurity researchers determined that MOVEit, a well-known managed file transfer product, carried a major security flaw that allowed hackers to steal sensitive data.
MOVEit was used by many organizations around the world, including SMBs and large enterprises and newer estimates show that more than 2,500 companies may have been affected by the breach. More than 60 million people have had their sensitive data stolen in the attack whose aftermath is still being uncovered today.
More from TechRadar Pro
- More WinRar security flaws are being exploited to attack foreign embassies
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.